procmail
[Top] [All Lists]

Re: starting sendmail without user login shell [was: no vacation sent]

2006-12-29 12:50:08
On 29-Dec-2006, at 11:38, Ryan Steele wrote:
Although, you would think that, since /bin/sh is pretty much a
known quantity in POSIX, that either it or execv would default to  
something sane
 like that instead of the user's login shell, which on many systems  
(especially
mail servers) are set to /bin/false,

If the shell is set to /bin/false then it is likely because the  
admins do not WANT the users spawning shells.

Personally, I think the ability of procmail to spawn a shell that  
overrides the user's default could fairly be considered a security  
risk and if procmail were being developed that would likely be  
something that would be removed and/or handled in an entirely  
different way (perhaps something like chroot jail or something).

-- 
Against stupidity the gods themselves contend in vain.


____________________________________________________________
procmail mailing list   Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail